Solved

Exchange Server 2013 Enterprise - Error MSExchange ADAccess Event ID 4113

Posted on 2016-08-01
7
424 Views
Last Modified: 2016-10-12
I am having an issue with my Exchange Server saying:

Log Name:      Application
Source:        MSExchange ADAccess
Date:          8/1/2016 9:10:17 AM
Event ID:      4113
Task Category: General
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      server
Description:
Process powershell.exe (EMS) (PID=25908). Component: Microsoft.Exchange.Data.Directory.ConfigurationSettingsADNotificationException: Error running AD operation. ---> Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Domain Controller.
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, String partitionFqdn, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetConnection(String preferredServer, Boolean isWriteOperation, String optionalBaseDN, ADObjectId& rootId, ADScope scope)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetReadConnection(String preferredServer, String optionalBaseDN, ADObjectId& rootId, ADRawEntry scopeDeteriminingObject)
   at Microsoft.Exchange.Data.Directory.ADDataSession.InternalFind[TResult](ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainer(String partitionFqdn, String domainController, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ConfigurationSettings.ADConfigDriver.<>c__DisplayClass2.<LoadSettings>b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   --- End of inner exception stack trace ---. Unable to load application settings. Exception: '%4'
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="MSExchange ADAccess" />
    <EventID Qualifiers="49152">4113</EventID>
    <Level>2</Level>
    <Task>1</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-08-01T14:10:17.000000000Z" />
    <EventRecordID>637930</EventRecordID>
    <Channel>Application</Channel>
    <Computer>server</Computer>
    <Security />
  </System>
  <EventData>
    <Data>powershell.exe (EMS)</Data>
    <Data>25908</Data>
    <Data>Microsoft.Exchange.Data.Directory.ConfigurationSettingsADNotificationException: Error running AD operation. ---&gt; Microsoft.Exchange.Data.Directory.ADTransientException: Could not find any available Domain Controller.
   at Microsoft.Exchange.Data.Directory.ConnectionPoolManager.GetConnection(ConnectionType connectionType, String partitionFqdn, ADObjectId domain, String serverName, Int32 port, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetConnection(String preferredServer, Boolean isWriteOperation, String optionalBaseDN, ADObjectId&amp; rootId, ADScope scope)
   at Microsoft.Exchange.Data.Directory.ADDataSession.GetReadConnection(String preferredServer, String optionalBaseDN, ADObjectId&amp; rootId, ADRawEntry scopeDeteriminingObject)
   at Microsoft.Exchange.Data.Directory.ADDataSession.InternalFind[TResult](ADObjectId rootId, String optionalBaseDN, ADObjectId readId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults, IEnumerable`1 properties, Boolean includeDeletedObjects)
   at Microsoft.Exchange.Data.Directory.ADDataSession.Find[TResult](ADObjectId rootId, QueryScope scope, QueryFilter filter, SortBy sortBy, Int32 maxResults)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ADSystemConfigurationSession.GetRootOrgContainer(String partitionFqdn, String domainController, NetworkCredential credential)
   at Microsoft.Exchange.Data.Directory.SystemConfiguration.ConfigurationSettings.ADConfigDriver.&lt;&gt;c__DisplayClass2.&lt;LoadSettings&gt;b__0()
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.RunADOperation(ADOperation adOperation, Int32 retryCount)
   at Microsoft.Exchange.Data.Directory.ADNotificationAdapter.TryRunADOperation(ADOperation adOperation, Int32 retryCount)
   --- End of inner exception stack trace ---</Data>
  </EventData>
</Event>

I've been scouring the Internet and found things relating back to 2007 and 2010 but not 2013 in particular.  I've tried some of the 2010 items to no avail.  One of the issues I'm trying to get to the bottom to is the inability to access the properties of resource mailbox pages.  Where it was an old one or a new one, I get a 500 error when I try to edit it.

Anyone see this before or have any thoughts on how best to fix this?

Regards,

Jason
0
Comment
Question by:TIDIProducts
  • 3
  • 3
7 Comments
 
LVL 9

Accepted Solution

by:
Ibrahim Benna earned 500 total points (awarded by participants)
ID: 41737533
How many domain controllers do you have? How many Active Directory Sites do you have identified in AD sites and Services? Do you have any Subnets identified in AD Sites and Services? Exchange is heavily reliant on this and if not configured properly you will have issues. How many physical locations do you have your domain controllers placed in?
0
 

Author Comment

by:TIDIProducts
ID: 41737548
Hi DeBlackman,

Currently I have a total of 5 domain controllers in 2 Active Directory Domains.  3 in my parent domain and 2 in my child domain.  Exchange resides in the parent domain.  I have a total of 4 sites defined in AD Sites and Services to coordinate with the physical site locations.  1 site for 2 locations in MI (because one of the sites has no AD servers in it), 1 site for HQ and 1 site for our hotsite.  The fourth site defined in there is a default first site that was created back in the day that currently has no servers assigned to it and no subnets assigned to it.  Subnets are created for all of those sites according to what's setup at each site.  I have 2 servers in MI sites, 2 in HQ site and 1 in Hotsite.  The servers that reside in each are virtual machines that are located on VM hosts in each site respectively.

Regards,

Jason
0
 

Author Comment

by:TIDIProducts
ID: 41737561
Another note.  When I do a check to determine what site the exchange server is part of, it reports the proper site where I have 2 domain controllers sitting.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 9

Expert Comment

by:Ibrahim Benna
ID: 41737576
If your default site is empty and has no subnets associated with it, I recommend to delete it.

Check you domain controllers - do you see any AD related errors or warnings being generated in event logs?
0
 

Assisted Solution

by:TIDIProducts
TIDIProducts earned 0 total points (awarded by participants)
ID: 41737604
On the System log of my FSMO DC I see a recurring Schannel error statis fatal error alert 70 was generated with an Internal state of 105.

On the Directory Service log I see an ActiveDirectory_DomainService 2887 error for the LDAP Interface where it comments about rejecting binds from SASL or LDAP.

NtFrs Event ID 13562 that I was looking into.  Talking about a conflict between two objects pointing to the same server name from the way it appears.  Related to the sites and services extra site perhaps?
0
 
LVL 9

Expert Comment

by:Ibrahim Benna
ID: 41763500
inactive post
0
 

Expert Comment

by:Member_2_6552605
ID: 41840357
use run as admin for exch powershell
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question